Nintendo Switch Hardware Hack Perfected by FailOverflow

Nintendo Switch Hardware Hack Perfected by FailOverflow

Nintendo Switch Hardware Hack Perfected by FailOverflow

Following the release of the exploit chain, it will be possible for pirates and hackers to run modified and emulated games on the Switch.

The Reswitched team has started teasing "fusée gelée" as a proof-of-concept coldboot execution hack capable on the Switch. The earlier software-level exploits of Nintendo systems could be mitigated through downloadable system updates that Nintendo attempts to force on the users by making them a need for new software and access to Nintendo's online servers. Exploiting that vulnerability allows Switch owners the opportunity to effectively "jailbreak" the device. This bug is in the RCM mode, which is a USB-based rescue mode intended for initial flashing of Tegra devices and recovery of bricked devices.

It exploits a bug in computer graphics specialist Nvidia's Tegra chipsets, letting anyone who runs it execute their own custom code.

There are various methods for achieving this, with one hardware hacking group tweeting an image of a small plug-in device that can do this easily - although a piece of wire is also enough to do the job.

Details of the exploit are already available on GitHub, although it isn't all that easy to follow.

Rightmove PLC (LON:RMV) Rating Kept by Deutsche Bank Today
Essentra plc manufactures and supplies specialist plastic, fiber, foam, and packaging products worldwide. The company was upgraded on Monday, November 9 by BNP Paribas. (NYSE:SJI) to report earnings on May, 8.

Mitt Romney's Political Comeback Might Not Be As Easy As He Thought
Had either candidate received 60% of the vote, they would have clinched the nomination outright. Trump fired back that Romney "choked like a dog" during his own White House run.

China trade row threatens global confidence, warns International Monetary Fund head Christine Lagarde
But IMF is cautioning a major trade conflict could dim this bright economic outlook. But it will be the implementation that matters, she said.

The exploit works by forcing the Switch into USB recovery mode by shorting a pin on the right Joy-Con controller. Since this is something that can affect every Nintendo Switch unit now in circulation, Nintendo will likely be looking to clamp down and release a hardware revision soon. That in turn causes a DMA buffer overflow in the bootROM, providing hackers access to what is supposed to be a protected area.

Unfortunately this bootROM is hard coded into the machine, which means that - once it leaves the factory - it can not be updated with a software release. Although adding that such an application isn't helpful for a chip-level bootROM exploit, Nintendo may still be able to detect hacked systems via a software update, allowing it to restrict access to machines that have been hacked.

Keep in mind, this is going to open the floodgates to piracy, and how this will affect Nintendo Switch sales is yet to be determined.

It's not just limited to the Nintendo Switch.

As the vulnerability was originally intended for disclosure on June 15th, 2018, the team of developers working on it have not had much time to fully put it to use.

Related news